RE: Kerio Personal Firewall

[Heilman Sgt Marshall S <HeilmanMS () mfe usmc mil>]

        There are actually a number of interesting tools available. Probably
the most popular would be fport from foundstone.com. This tool is incredibly
simple and, in a nutshell, maps services to their ports. If you are looking
for something graphical, try Vision, also from Foundstone. This tool has
some other interesting features though that you may or may not find useful.
        If you are trying to find the open ports on your system, nmap is the
best way to go. Nmap is available in *NIX or M$ flavors (www.insecure.org).
There is also a graphical M$ product called IP-Tools which can work as well
(http://www.ks-soft.net/ip-tools.eng/)
        

Marshall

-----Original Message-----
From: Chee%2dHeng Chin [mailto:chchin () iastate edu]
Sent: Monday, November 18, 2002 7:41 PM
To: security-basics () securityfocus com
Subject: Kerio Personal Firewall


Hello list,
           I am trying to configure Kerio Personal Firewall and this
firewall 
allows me to specify explicitly which service is allowed inbound/outbound 
connection thru either TCP/UDP including the exact port numbers and IP range
to 
respond to. 

My question is: Is there a software/utility that will tell me exactly which 
service/application is currently listening on exactly which TCP/UDP port
number?

"netstat -a" only lists the active listening ports but doesnt tell me which 
service/application is listening on that port for incoming packets.

I would like to "lock down" the server as much as possible by specifying 
exactly which port and service a connection is allowed. Thanks in advance.

Regards,

chchin